Citrix breach illustrates common weakness in the digital infrastructure of companies

Summary

Citrix—one of the world’s largest networking and remote access technology companies—announced patches for a known vulnerability more than one month after the vulnerability was announced. It is a $15BN company that more than 400,000 companies, including many of the Fortune 500, rely upon to keep their data safe and networks secure.

The flaw was identified on December 17, 2019 and affected two of Citrix’s most popular products, including its VPN tool. Citrix was not entirely clear about the potential opening this provided to hackers, saying, “it could allow an unauthenticated attacker to perform arbitrary code execution.”

It’s likely this patch was too late for some of Citrix’s customers. According to FireEye, an unknown hacker, or set of hackers, was exploiting the vulnerability in a Citrix product, cleaning up other malware on that network, and planting their own code, likely as a backdoor for future access. The extent of the potential damage already caused or enabled by this vulnerability is not known.

Analysis

Companies rely upon Citrix to secure their networks or, as the company says, “giving IT the peace of mind that critical systems will always be accessible and secure.” As companies have accelerated digital transformation efforts, the common assumption was that outsourcing network security to a company like Citrix was the right security move.

This vulnerability followed Citrix’s most recent publicly announced breach, in March 2019. As stated in past research, “If a company like Citrix had a serious outage, we would take a step toward a systemic risk problem. Consider the (previous) breach to be a mere warning shot that companies dependent on this infrastructure should heed and get a firm understanding of how such a risk impacts the business.” See previous research notes about fundamental weakness in the digital infrastructure of companies.

The Citrix issue is representative of the significant downside risks faced by companies undertaking digital transformation (see below), risks that are often not explicitly recognized. Boards and C-suites have been happy with the productivity and cost savings benefits of such outsourcing, but it has come at the expense of security for many companies.
